|
/* |
|
This will save all the metadata in respective directories: |
|
1. roles-config |
|
2. attached-role-policies |
|
3. securitygroups |
|
|
|
* Make sure you have admin role which has full access like we are using list and describe API of node-aws-sdk |
|
* All data is stored in json file |
|
|
|
*/ |
|
|
|
var fs = require('fs') |
|
var chalk = require('chalk') |
|
var AWS = require('aws-sdk'); |
|
var iam = new AWS.IAM(); |
|
// config your region always before your instantiate EC2 |
|
AWS.config.update({region: 'us-west-2'}); |
|
var ec2 = new AWS.EC2(); |
|
|
|
// accesskeyid and secretaccesskey can also be loaded from a config file |
|
AWS.config.update({accessKeyId: 'accesskeyid', secretAccessKey: 'secretaccesskey'}); |
|
|
|
|
|
var params = { |
|
PathPrefix: '/' |
|
} |
|
|
|
var rolenames = []; |
|
|
|
function listRoles(){ |
|
return new Promise( (resolve,reject) => { |
|
iam.listRoles(params, function (err,data){ |
|
if (err){ |
|
console.log('Error while fetching list of IAM roles',err) |
|
}else{ |
|
for(var i=0; i < data.Roles.length; i++){ |
|
rolenames.push(data.Roles[i].RoleName); |
|
|
|
if(rolenames.length == data.Roles.length){ |
|
resolve(rolenames); |
|
} |
|
} |
|
|
|
} |
|
}) |
|
}); |
|
} |
|
|
|
|
|
//fetching list of roles |
|
listRoles() |
|
.then ( (roles) => { |
|
|
|
console.log('total roles', roles.length); |
|
var counter = 0; |
|
for(var i=0; i < roles.length; i++){ |
|
iam.getRole({RoleName: roles[i]}, function(err, data){ |
|
|
|
//decoding policy since it is encoded URL json returned from the API |
|
data.Role.AssumeRolePolicyDocument = decodeURIComponent(data.Role.AssumeRolePolicyDocument); |
|
console.log(chalk.red('Config for ' + roles[counter] + ' -- Done')); |
|
|
|
fs.writeFile('./roles-config/'+roles[counter]+'.json', JSON.stringify(data),'utf8',function(err){ |
|
if(err){ |
|
console.log(chalk.green(err)); |
|
} |
|
}); |
|
counter += 1; |
|
}) |
|
|
|
} |
|
return roles; |
|
}) |
|
.then ( (res) => { |
|
var promisearray = [] |
|
for(var x=0; x < res.length; x++){ |
|
promisearray.push(writepoliciesattachedtorole(res[x])); |
|
} |
|
|
|
Promise.all(promisearray).then ( (res) => { |
|
console.log(chalk.green('All policies attached to role is DONE... :) ')); |
|
}) |
|
}) |
|
|
|
|
|
//saving security configs for region 'us-west-2' |
|
writedescsecurityGroup() |
|
.then ( (result) => { |
|
console.log('writedescsecurityGroup result', result); |
|
}) |
|
|
|
function writepoliciesattachedtorole(rolename){ |
|
return new Promise( (resolve, reject) => { |
|
|
|
iam.listAttachedRolePolicies({RoleName: rolename}, function(err,data){ |
|
|
|
let dirname = './attached-role-policies/'; |
|
writetofile(dirname, rolename, JSON.stringify(data)) |
|
.then( (response) => { |
|
if(response == 'done'){ |
|
resolve('good'); |
|
} |
|
}) |
|
}) |
|
|
|
|
|
}).then ( (response) => { |
|
|
|
}) |
|
} |
|
|
|
|
|
function writetofile(directory, filename, data){ |
|
return new Promise ( (resolve,reject) => { |
|
fs.writeFile(directory + filename + '.json', data,'utf8',function(err){ |
|
if(err){ |
|
console.log(chalk.green(err)); |
|
}else{ |
|
console.log(chalk.blue(filename + ' policies attached to role written to file DONE.')); |
|
resolve('done') |
|
} |
|
}); |
|
}) |
|
} |
|
|
|
function writedescsecurityGroup(){ |
|
let sgpromisearray = []; |
|
return new Promise( (resolve, reject) => { |
|
let dirname = './securitygroups/' |
|
ec2.describeSecurityGroups({},function(err,data){ |
|
console.log(chalk.red('fetching security group data')); |
|
|
|
if(err){ |
|
console.log(chalk.red('Error while fetching security groups!',err)); |
|
} |
|
|
|
for(var count=0; count < data.SecurityGroups.length; count++){ |
|
let groupName = data.SecurityGroups[count].GroupName |
|
sgpromisearray.push(writetofile(dirname,groupName,JSON.stringify(data.SecurityGroups[count]))); |
|
} |
|
|
|
Promise.all(sgpromisearray).then ( (res) => { |
|
resolve('done with securitygroups'); |
|
}) |
|
|
|
}); |
|
}).then ( (response) => { |
|
console.log('sg respopnse', response); |
|
}) |
|
} |
|
|
|
|
|
|
|
|
|
|